Audio fingerprinting uses the Web Audio API to create unique device signatures based on how your system processes audio signals. It's a subtle but effective tracking technique.
🔬 How Audio Fingerprinting Works
The technique exploits differences in audio processing:
- Create AudioContext: Initialize the Web Audio API
- Generate Signal: Create an oscillator or noise source
- Process Audio: Apply effects like compression or filtering
- Analyze Output: Capture the processed audio data
- Generate Hash: Create a fingerprint from the audio samples
Example Code
const audioContext = new (window.AudioContext || window.webkitAudioContext)();
const oscillator = audioContext.createOscillator();
const analyser = audioContext.createAnalyser();
const compressor = audioContext.createDynamicsCompressor();
// Configure oscillator
oscillator.type = 'triangle';
oscillator.frequency.value = 10000;
// Connect nodes
oscillator.connect(compressor);
compressor.connect(analyser);
analyser.connect(audioContext.destination);
// Start and capture
oscillator.start(0);
// Get frequency data for fingerprint
const frequencyData = new Float32Array(analyser.frequencyBinCount);
analyser.getFloatFrequencyData(frequencyData);
// Hash the data for fingerprint
const fingerprint = hashFunction(frequencyData);🎯 Why Audio Fingerprinting Works
Different devices produce different audio signatures due to:
- Audio Hardware: Sound cards and DACs vary
- Driver Differences: Audio drivers process signals differently
- OS Audio Stack: Windows, macOS, Linux handle audio differently
- Sample Rate: Default sample rates vary by system
- Floating Point Precision: CPU floating-point calculations differ
📊 AudioContext Properties
Additional fingerprinting data from AudioContext:
sampleRate- System audio sample rate (e.g., 44100, 48000)maxChannelCount- Maximum audio channels supportednumberOfInputs/Outputs- Audio node capabilitieschannelCountMode- Channel handling mode
🛡️ Spoofing Audio Fingerprints
Antidetect browsers handle audio fingerprinting through:
1. Noise Addition
Adding imperceptible noise to audio output that changes the fingerprint hash.
2. Sample Rate Spoofing
Reporting a different sample rate than the actual hardware.
3. Processing Modification
Altering how audio nodes process signals to create consistent fake fingerprints.
4. Context Isolation
Each browser profile gets its own AudioContext configuration.
🔍 Detection Challenges
Audio fingerprinting is harder to detect than canvas because:
- No visible output to inspect
- Runs silently in the background
- Often combined with legitimate audio features
- Difficult to distinguish from normal audio processing
❓ Frequently Asked Questions
No. Audio fingerprinting doesn't use your microphone at all. It generates synthetic audio signals and analyzes how your system processes them. No actual sound is recorded.
Usually no. Most implementations either use inaudible frequencies, very short durations, or disconnect from speakers before generating sound. The process is designed to be silent.
Yes, it's used by many tracking services as part of their fingerprinting toolkit. It's particularly valuable because it's less known than canvas fingerprinting and harder to block.